STRM Users Guide
74
M
ANAGING
S
ENTRIES
Step 5
Edit the variables, as necessary. The list of variables includes all configured values
for this sentry. Only the variables that apply to this sentry appear.
Maximum
responses per
events
Specify the maximum number of number of times you wish this
event to generate a response.
Is Enabled
Select the check box to enable this sentry. Clear the check box to
disable the sentry.
Test as group
Select the check box is you wish all objects to add together to be
tested. Clear the check box if you wish each object to be
evaluated separately.
Restrictions
Select the check box for one or more restrictions you wish to
enforce for an active sentry including:
•
Date is relevant
- Select the check box to indicate that this
sentry must consider the date. When selected, date fields
appear. Enter the relevant dates you wish this sentry to
monitor.
•
Day of week is relevant
- Select the check box to indicate
that this sentry must consider the day of the week. When
selected, day of the week fields appear. Using the drop-down
list boxes, select the relevant days you wish this sentry to
consider.
•
Time of day is relevant
- Select the check box to indicate that
this sentry must consider time of day. When selected, time of
day fields appear. Using the drop-down list box, select the
time of day you wish this sentry to consider.
Permissions
Specify the users you wish to allow access to edit this sentry.
Package
Using the drop-down list box, select the sentry package you wish
to apply to this sentry. To edit an existing package, click
Edit
or
to create a new package, click
Create New
.
Responses
Specify the method you wish to be notified if this sentry
generates an event. The options are:
•
•
Log
- Sends event information to standard syslog on STRM
Console.
QRL
Specifies the details of the current view for this sentry.
Table 4-21
Edit Behavior, Anomaly, or Threshold Sentry (continued)
Parameter
Description
Содержание SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
Страница 13: ...STRM Users Guide Assets 7 Note For more information see Chapter 8 Managing Assets...
Страница 100: ...STRM Users Guide 94 INVESTIGATING OFFENSES...
Страница 138: ......
Страница 226: ......